Bug 3327

Summary: Wrong index used in pkcs11 cert attribute array when fetching x509 subject name
Product: Portable OpenSSH Reporter: Leif Thuresson <leif.thuresson>
Component: SmartcardAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: minor CC: djm
Priority: P5    
Version: 8.6p1   
Hardware: Other   
OS: All   
Bug Depends on:    
Bug Blocks: 3302    

Description Leif Thuresson 2021-06-24 03:03:24 AEST 
Result is that key label is set to "invalid subject" instead of certificate subject name.

Here is a fix diff against openssh-portable master branch



diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 844aa9ff..a727d1bd 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -973,7 +973,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
        }
 
        /* Decode DER-encoded cert subject */
-       cp = cert_attr[2].pValue;
+       cp = cert_attr[1].pValue;
        if ((x509_name = d2i_X509_NAME(NULL, &cp,
            cert_attr[1].ulValueLen)) == NULL ||
            (subject = X509_NAME_oneline(x509_name, NULL, 0)) == NULL)
Comment 1 Damien Miller 2021-06-25 16:33:02 AEST 
committed as d443006c0 and will be in the openssh-8.7 release - thanks!
Comment 2 Damien Miller 2022-02-25 13:58:00 AEDT 
closing bugs resolved before openssh-8.9